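# Inputs: read two log files and tag each event with a `type`; the output
# section routes on that tag.
# All string values use straight ASCII quotes; the typographic quotes this
# snippet was published with are not valid Logstash config syntax.
input {
  # Tomcat console log.
  # NOTE(review): files under /root are normally readable only by root, so this
  # path implies Logstash runs as root. Prefer a log location readable by a
  # dedicated unprivileged logstash account.
  file {
    type => "tomcatout"
    path => "/root/catalina.out"
    # Lines that do NOT start with a "YYYY-M-D H:M:S" timestamp are appended to
    # the previous event, so a multi-line entry (e.g. a stack trace) stays in
    # one event.
    codec => multiline {
      pattern => "^\d{4}-\d{1,2}-\d{1,2}\s\d{1,2}:\d{1,2}:\d{1,2}"
      negate => true
      what => "previous"
    }
    # Read from the top of the file the first time it is seen.
    start_position => "beginning"
    # NOTE(review): the effect of 0 depends on the file input plugin version;
    # confirm it disables the age check on the installed release.
    ignore_older => 0
  }

  # HTTP access log.
  # NOTE(review): the type says "nginx" but the path is the Apache httpd access
  # log; the label is only a routing tag. Confirm which server writes this file.
  file {
    type => "nginx"
    path => "/var/log/httpd/access_log"
    start_position => "beginning"
    ignore_older => 0
  }
}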
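# Filters: parse access-log lines into fields and add GeoIP data for the client.
filter {
  # Only access-log events are in combined log format. Without this guard every
  # Tomcat event would also go through grok, fail to match and be tagged
  # _grokparsefailure, and geoip would run on a field that does not exist.
  if [type] == "nginx" {
    grok {
      match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
    # NOTE(review): "clientip" is the field name produced by the legacy
    # (non-ECS) COMBINEDAPACHELOG pattern; confirm it matches the installed
    # grok pattern set.
    # The parsed request, referrer and user-agent fields are client-supplied
    # text; anything that renders or alerts on them should treat them as
    # untrusted.
    geoip {
      source => "clientip"
    }
  }
}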
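# Outputs: index each event into Elasticsearch, one index per event type.
# Events whose type matches neither condition are not sent anywhere.
# NOTE(review): no credentials or TLS settings are configured here, and a host
# given without a scheme is contacted over plain HTTP. Log events often contain
# sensitive data, so enable TLS and authentication for this output (option
# names vary by plugin version) and restrict who can reach port 9200.
output {
  if [type] == "tomcatout" {
    elasticsearch {
      action => "index"
      hosts => [ "192.168.57.139:9200" ]
      # A single fixed index name: there is no date suffix, so the index grows
      # without rollover unless it is managed elsewhere.
      index => "tomcatout"
    }
  }

  if [type] == "nginx" {
    elasticsearch {
      action => "index"
      hosts => [ "192.168.57.139:9200" ]
      index => "nginx"
    }
  }
}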